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This listing of claims will replace all prior versions, and listings, of claims in the application: 
Listing of Claims: 

1 . (Withdrawn) An authentication system, comprising: 

a filter to monitor sessions between a client and a server for proper authentication; 

a plug-in coupled to the client and the server, said plug-in to generate public and private 

key pairs, and to receive and store certificates; and 
an extension coupled to said filter, said extension to generate script commands to cause 
the client and the server to perform required operations indicated by said filter. 

2. (Withdrawn) The system of claim 1, wherein the certificates are used to certify the client to 
the server. 

3. (Withdrawn) The system of claim 1, wherein the certificates are used to certify the server to 
the client. 

4. (Withdrawn) The system of claim 1, wherein the certificates are used to certify the client and 
the server to each other. 

5. (Withdrawn) The system of claim 1, wherein the script commands are implemented in a 
hypertext markup language (HTML) program. 
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6. (Withdrawn) A secure client/server system, comprising: 
a client to request data or service; 
a server to provide the requested data or service; and 
an authentication system including: 

a filter to monitor sessions between the client and the server for proper 

authentication, 

a plug-in coupled to the client and the server, said plug-in to generate public and 
private key pairs, and to receive and store certificates, and 

an extension coupled to said filter, said extension to generate script commands to 
cause the client and the server to perform required steps indicated by said 
filter. 

7. (Withdrawn) The system of claim 6, wherein the certificates are used to certify the client to 
the server. 

8. (Original) A method for providing a single sign-on authentication and privacy, comprising: 

submitting a request to access a node; . 
directing to submit a certificate; 

verifying the submitted certificate with a trusted certificate; 

performing a challenge; 

generating a response to the challenge; and 

saving the response as a named cookie. 

9. (Original) The method of claim 8, wherein said response is used as a security token. 

10. (Original) The method of claim 9, wherein said security token is used to propagate an initial 
authentication. 

11. (Original) The method of claim 8, further comprising: 

creating a connection session if the certificate is valid. 
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12. (Currently Amended) The method of claim 8, wherein said verifying the submitted 
certificate includes matehmg- checking a signature on the submitted certificate with a signature 
eft the trusted certificate. 

13. (Currently Amended) The method of claim 8, further comprising: 

generating a key; 

encrypting the key with a client's public key; 

sending an encrypted key to a client; and 

using the encrypt e d key to encrypt communication. 

14. (Currently Amended) A method for providing client privacy, comprising: 

determining the client is a WinDSfET-bas ed component; 
generating a key; 

encrypting the key with a client's public key; 

sending an encrypted key to a client; and 

using the encrypted key to encrypt communication. 

15. (Original) The method of claim 14, wherein said sending the encrypted key includes sending 

the key using a hypertext transfer protocol (HTTP) header. 

16. (Original) A method for providing a single sign-on authentication and privacy, comprising: 

submitting a request to access a node; 
directing to submit a certificate; 

verifying the submitted certificate with a trusted certificate; 

performing a challenge; 

generating a response to the challenge; 

saving the response as a named cookie with an authentication token; and 

using standard Secure Socket Layer (SSL) library to provide communication privacy. 

17. (Currently Amended) The method of claim 16, wherein said verifying includes creating and 
registering a new authentication session. 
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18. (Original) The method of claim 17, wherein said verifying includes validating the new 
authentication session with the authentication token. 

19. (Original) The method of claim 16, wherein said verifying includes indicating a failure 
status to a client if said verifying fails. 

20. (Original) The method of claim 16, wherein said performing said challenge includes 
generating a node challenge random number. 

21. (Original) A method of claim 16, wherein said directing includes receiving an address of the 

node; and 

checking to determine if the address is protected. 

22. (Original) The method of claim 16, further comprising: 

determining if the authentication token is already present. 

23. (Currently Amended) The method of claim 22, further comprising: 

determining if a client is on an access control list if the authentication token is present 

and valid. 

24. (Original) An apparatus comprising a computer-readable storage medium having executable 
instructions that enable the computer to: 

submit a request to access a node; 
direct to submit a certificate; 

verify the submitted certificate with a trusted certificate; 

perform a challenge; 

generate a response to the challenge; and 

save the response as a named cookie. 

25. (Original) The apparatus of claim 24, wherein said response is used as a security token. 
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26. (Original) An apparatus comprising a computer-readable storage medium having executable 
instructions that enable the computer to: 

submit a request to access a node; 
direct to submit a certificate; 

verify the submitted certificate with a trusted certificate; 

perform a challenge; 

generate a response to the challenge; 

save the response as a named cookie with an authentication token; and 

use standard Secure Socket Layer (SSL) library to provide communication privacy. 

27. (Original) The apparatus of claim 26, wherein said verify the submitted certificate includes 
instructions to create and register new authentication session. 
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